Certificate Enrollment Protocols - Gap Analysis from Anders Rundgren on 2012-07-07 (public-webcrypto-comments@w3.org from July 2012)

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Sat, 07 Jul 2012 09:48:29 +0200
To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Message-ID: <4FF7E9CD.6010905@telia.com>

- No support for two-factor authentication tokens
- No support for security hardware
- No support for key algorithm-agility with respect to the enrolling client
- No support for external key attributes including logotypes
- No support for enrollment process status verification by the issuer
- Limited support for key management
- Limited support server-based policies
- No support for transaction-based enrollments
- No support for a standardized browser interface
- No support for VPN profiles [1]
- No support for "ACL"-like data for keys
- No support for symmetric keys

Anders

1] Apple has extensive support for VPN profiles in their proprietary iOS solution

Received on Saturday, 7 July 2012 07:49:15 UTC